How severe is CVE-2021-2039?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.6 out of 10.

What type of vulnerability is CVE-2021-2039?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-2039

HIGH Year: 2021

CVSS v3 Score

7.6

High

CVSS v2 Score

4.9

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Search). Supported versions that are affected are 20.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel Core - Server Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel Core - Server Framework accessible data as well as unauthorized update, insert or delete access to some of Siebel Core - Server Framework accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N).

CVE-2016-1577

HIGH

CVSS:7.6(High)

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a cra...

NVD-CWE-Other2016

CVE-2016-1613

HIGH

CVSS:7.6(High)

Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have u...

NVD-CWE-Other2016

CVE-2016-2052

HIGH

CVSS:7.6(High)

Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data...

NVD-CWE-Other2016

CVE-2016-3544

HIGH

CVSS:7.6(High)

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 11.2.1.0.0 allows remote authenticated users to affec...

NVD-CWE-Other2016

CVE-2016-3565

HIGH

CVSS:7.6(High)

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 5.1 and 5.2 allows remote authenticated users to affect confidentiality, integrity, and availability...

NVD-CWE-Other2016

CVE-2016-5447

HIGH

CVSS:7.6(High)

Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unkn...

NVD-CWE-Other2016

CVE-2021-2039

Vulnerability Description

Related Vulnerabilities

CVE-2016-1577

CVE-2016-1613

CVE-2016-2052

CVE-2016-3544

CVE-2016-3565

CVE-2016-5447